Reversible generation process of altered payment card by means of a mathematical algorithm

ABSTRACT

The process consists of carrying out the first phase of generating the transaction signature ( 9 ), with prior authentication by the cardholder, in the issuing centre ( 3 ) through its authentication server ( 5 ), a second phase of decimalising ( 10 ) the signature ( 9 ) to obtain a valid permutation number and a third phase of permuting ( 11 ) the intermediary positions or digits of the card, the processor fixing a BIN and maintaining the check digit. In this way, the digits forming the expiry date are permuted. The card and expiry date are sent in the data flow ( 12 ) of the transaction to the acquiring server ( 7 ), from where they are sent back to the issuing centre ( 3 ), to its processing centre ( 6 ) to be specific, where three other operative phases are carried out: the new generation of the signature ( 13 ), its decimalisation ( 14 ) and lastly the inverse process ( 15 ) to reestablish the card&#39;s real data and expiry date.

OBJECTIVE OF THE INVENTION

[0001] The objective of the invention is to obtain an altered card. Bythis is meant the result of the application of a determined process to apayment card number in order to alter its number and its date of expiryand thus be able to openly transmit said number over various networks,such as the Internet® and specific payment networks, etc., in theauthorisation of transactions.

[0002] So the objective of the invention is to make the transactionsecure given that the information on the original card will not beaccessible to third persons. By doing so it will be impossible to usethe information fraudulently at a later date.

[0003] The invention is particularly recommended for E-commercetransactions carried out over the Internet®.

[0004] The basic process of the proposed invention consists of theauthorisation of a reversible mathematical algorithm, whose objective isto permute the digits of the payment card number and change the expirydate.

[0005] This algorithm is independent and open to the rest of theprocesses that take place in transactions authorising means of payment.It is an algorithm that, in order to be valid, further requires theconcurrence of the following characteristics of the card:

[0006] The altered card, with its expiry date altered, must appear to bea normal card with a normal expiry date.

[0007] The altered card's BIN must be globally recognised and belong tothe habitual processing centre of the original payment card.

[0008] The length of the altered card must be equal to that of theoriginal.

[0009] The altered card's number must be specific to the transaction.

[0010] The altered card's number must be unpredictable.

[0011] The system that implements this process must be sound so that itcan detect any unauthorised attempt to use it by third persons.

BACKGROUND OF THE INVENTION

[0012] As we all know, all payment cards have a determined number ofdigits. Some of those at the front form the “BIN”, which identifies theissuing body of the card, the following digits form the intermediarydata, with the exception of the last one, which normally corresponds tothe “Check-Digit”. The expiry date is also used as a means ofidentifying the card.

[0013] Whenever the card is used in a commercial operation, inparticular over the Internet®, but also when using other networks wherespecific means of payment are required, the card's true data is exposedto the net, thereby becoming accessible to third persons, and runningthe perfectly possible, and even frequent, risk of being used at a laterdate in a fraudulent manner to acquire goods or services, deliveringthem to a third person, in the name of the cardholder whose specificdata is known.

[0014] There are various methods that use ciphering, encoding,concealment, etc. of the card number to prevent the payment card's truenumber from being intercepted.

[0015] For example, one of the most important of these is describedunder European Patent publication number 1 029 311, and is based on aset of valid credit card numbers with one of them being the master, theone that actually works, and at least one more of limited usage, whichis connected to the master and which is the number actually sent overcommunication networks or the Internet®.

[0016] This limited usage number is deactivated with a code that can beactivated with different aims; for a single transaction, for a limitedperiod of time, for a limited amount of money, etc . . . .

DESCRIPTION OF THE INVENTION

[0017] The reversible generation process of altered payment cards bymeans of a mathematical algorithm proposed by the invention resolves theproblems stated above in a completely satisfactory manner whereby thedata exposed to the net is not the card's true data but data encryptedby means of the mathematical algorithm mentioned above, which is notvalid for later operations since the alteration of said data is specificto each transaction and differs from one transaction to another.

[0018] To be more specific, once the customer has decided on the truepayment card, the following operation steps or phases are laid down:

[0019] The Issuing Authentication Server generates the transactionsignature, with prior authentication of the payment cardholder.

[0020] The Issuing Authentication Server decimalises the transactionsignature to obtain a valid permutation number, depending on the numberof positions to be permuted within the payment card number.

[0021] The payment card's intermediary digits are permuted, fixing a BINwith a processor and keeping the payment card's Check-Digit. Theoriginal payment card's expiry date is changed and is used as the expirydate of the altered payment card.

[0022] The altered card obtained using the process above is sent in thedata flow of the transaction of means of payment to make thecorresponding authorisation request in the Processing Centre of theIssuing Body with this altered card, instead of with the original.

[0023] The Processing Centre of the Issuing Body generates thetransaction signature using the same process the Authentication Serverused in the first step.

[0024] Thus the decimalisation of the transaction signature iscalculated in the same way as in the second step.

[0025] Since the process is reversible, to obtain the expiry date of thetrue card the expiry date of the altered card is recuperated using theinverse process. In the same way the inverse permutation of the onecarried out in the third step is carried out to put each digit of thealtered payment card back in their original positions on the real card.

[0026] Next normally comes the Processing Centre of the Issuing Body,paying special attention to generating the altered number every time itis necessary throughout the lifecycle of the transaction of paymentmeans, such as Applications for copies, Setbacks, etc..

SPECIFICATION OF THE DRAWINGS

[0027] To complement this specification and with the aim of helping thereader to gain a better understanding of the invention'scharacteristics, in accordance with a prior example of its practicalusage, as an integral part of said specification a set of drawings isattached where the following is represented in an illustrative andnon-limited manner:

[0028]FIG. 1—Shows a typical diagram of a transaction of payment meansover the Internet® and the elements of the different steps of theprocess put forward by the invention.

[0029]FIG. 2—Shows a flow diagram indicating the stages in the processthat the original number of the credit card undergoes in theauthentication server of the issuing body or authority to obtain thealtered number.

[0030]FIG. 3—Shows a flow diagram indicating the stages in the processthat the credit card's original month and year undergo in the processingcentre of the issuing body or authority to obtain the altered month andyear.

[0031]FIG. 4—Shows a flow diagram indicating the stages in the processthat the altered credit card number undergoes in the processing centreof the issuing body or authority to obtain the original number.

[0032]FIG. 5—Shows a flow diagram indicating the stages in the processthat the altered credit card's month and year undergo in the processingcentre of the issuing body or authority to obtain the original month andyear.

PROMINENT REALISATION OF THE INVENTION

[0033] In the figure outlined reference has been made to (1) thecardholder's computer, to (2) the business, to (3) the issuingauthority, to (4) the acquiring authority and within (1) theauthentication server of the issuer (5) and the processing centre of theissuing body (6) and within (2) the acquiring server (7) and theprocessing centre of the acquiring body (8).

[0034] In line with the invention's process the cardholder chooses apayment card to make a payment by means of the normal methods, i.e. inthe authentication server (5) of the issuing body or authority (3), withprior authentication by the cardholder, where said issuing body (3) issolely responsible for the method employed and the processes carriedout, which do not form part of the process of the invention.

[0035] In said authentication server (5) of the issuer the first threephases or steps of the process are carried out, specifically thesignature step (9), the decimalisation step (10) and the permutationstep (11).

[0036] Step (9), i.e. the transaction signature, will be generated bythe Issuing Server in the usual way, taking into account that it must bedifferent in every transaction and making sure that the transaction'ssensitive data is not handled at any moment.

[0037] It is recommended that at least the following should be signeddigitally: the Amount of the transaction, the Order IdentificationNumber within the business, the Company Identification Code, theCurrency of the Transaction and a secret key known only to the issuer.

[0038] The real card's number and its expiry date must have no part incalculating the transaction signature. The remaining fields used togenerate the transaction signature must make the same journey in thepayment means transaction flow with the exception of the secret key.This assures a correct diversification when generating the signature,given that the data changes in each transaction.

[0039] The method used to generate the signature is open but hash SHA-1is recommended.

[0040] Once the transaction signature has been generated according tostep (9) above, we will proceed in obtaining (10) a decimal number thatwill monosemously determine the permutation to be applied to theoriginal payment card's number.

[0041] Depending on the card's length it will be necessary to choose atrandom a few positions of the characters that make up the signatureobtained in the previous step.

[0042] To carry out this process we have pointed out three basic partsof the card number:

[0043] Bin: Normally the six first positions of the payment card number.

[0044] Intermediary digits: The remaining digits minus the last one.

[0045] Check Digit: The last digit.

[0046] Example: If the original card number were 1234567890123456, thethree parts would be as follows: 123456 789012345 6 BIN IntermediaryData CD (Check Digit)

[0047] Depending on the number of intermediary digits that are going tobe permuted, we will have to take as many digits as there are of thesignature (N), in such a way that N is the largest whole number thatmakes 256**N (256 to the power of N) less than the number ofpermutations (P). P is obtained as a result of the number ofintermediary positions (T), i.e. T! (T factorial), or in other words:

P=1×2×3×4× . . . × (T−1)×T.

[0048] Lastly a multiplier factor F will be determined. This will be theintegral part of the result of the division of the number ofpermutations P by 256**N.

i.e. F=Integral [P/(256**N)]

[0049] Example: Taking the 16-digit card number above as an example andeliminating the 6 digits of the BIN and the Check Digit we are left with9 intermediary digits, i.e.

[0050] T=9, and thus the number of possible permutations will be:

P=9!=1×2×3×4×5×6×7×8×9=362880.

[0051] Given that 256**2=65536 and 256**3=16777216, then N=2, which willbe the random positions that must be taken from the transactionsignature.

[0052] The multiplier factor F will be the integral part of362880/(256**2)=5.

[0053] The decimalisation of the transaction signature to be used todetermine the permutation to be carried out will be the number resultingin base 10 of the random positions of the signature taken in base 16(Hexadecimal) and multiplying by F. To the result 1 is added to avoid 0,which would be the identity permutation where no digit would bepermuted.

[0054] Thus we assure that the decimalisation of the N positions of thesignature will never be greater than the maximum number of possiblepermutations P for the number T of intermediary positions. Themultiplier factor F only distributes the resulting number uniformlyamongst the different possibilities.

[0055] After applying the algorithm specified we would obtain a decimalnumber between 1 and P that will be the decimalisation of thetransaction signature. (In the example it would be a number between 1and 362880).

[0056] The next operative phase, the permutation step (11), is carriedout in the following way:

[0057] The BIN of the original card is substituted by another BINspecified by the issuer, which may be the same one or a different one,the only condition being that it must be globally recognised so that thetransactions started with cards belonging to that BIN be correctlydirected to that Issuer.

[0058] The intermediary positions between the BIN and the check digitwill be the ones that undergo the actual permutation according to theprocess explained below:

[0059] The decimalised value of the transaction signature is divided bythe number of positions to be altered T and to the remainder of saidquotient 1 is added, obtaining a value between 1 and T, that willdetermine the position of the number of the original payment card, whosevalue we will transfer to the first position of the number of thepermuted payment card.

[0060] Next, the quotient above is divided by (T−1) and to the remainderis added 1 obtaining a value between 1 and T−1 that will determine theposition to be permuted of the remaining number of the original paymentcard (once the permuted position from the previous step has beeneliminated), whose value is transferred to the second position of thenumber of the permuted payment card.

[0061] This process continues until there are no remaining positions inthe number of the original payment card, i.e. it is carried outiteratively T times.

[0062] The payment card number obtained in this way will be theintermediary positions of the altered payment card.

[0063] The Check-Digit, which occupies the last position of the originalpayment card does not undergo any change and is transferred intact tothe last position of the number of the altered payment card.

[0064] To obtain the expiry date of the altered payment card thefollowing steps are necessary:

[0065] The expiry date of the payment cards is divided into fourpositions, two for the month MM and two for the year YY.

[0066] To obtain the month of the altered payment card, the numberresulting from the decimalisation of the signature is divided by 12 andto the remainder 1 and the month of the original card are added. Thisnumber is again divided by 12 and 1 is added to the remainder, thusobtaining the month of the altered payment card.

[0067] I.e.

Permuted MM=[Decimalisation of the signature mod 12+1+original MM] mod12+1

[0068] To obtain the year of the altered card, first the issuer decideson the two-year window it is going to work with, this number being thenumber of years from the current year that can be obtained in theprocess. This value will be A. For example, if the current year is 2001and a window of 15 years is required, then the years resulting from theprocess will be between 02(2002) and 17(2017).

[0069] Next the number resulting from the decimalisation of thesignature is divided by A and to the remainder 1 and the year of theoriginal payment card are added. This number is divided by 12 again andto the remainder 1 and the last two digits of the current year areadded, thus obtaining the year of the altered payment card. I.e.

Permuted YY=[(Decimalisation of the signature mod A+1+original YY] modA+1+current YY

[0070] The next step in the process, referred to as (12) in FIG. 1,specifically the fourth step, consists of sending the data, the altereddata to be specific, from the issuer's authentication server (5) to theacquirer's server (7), as a substitute for the original data, in orderto carry out the corresponding authorisation order at the issuing body'sprocessing centre (6), as is also shown in FIG. 1.

[0071] In said processing centre (6) of the issuing body or authority(3), the last three steps of the process are carried out, specificallythe decimalisation (14) signature (13) and the reverse process (15).

[0072] To obtain the transaction signature in step (13), the processingcentre (6) of the issuing body generates the transaction signature usingthe same process as the authentication server (5) in step (9).

[0073] To this end the Processing Centre of the Issuing Body takes thespecific data from the transaction flow, taking into account that itmust be the data used when the signature was generated in step (9) bythe Issuer's Authentication Server (5) (e.g. Amount of the transaction,Order Identification Number within the business, Business IdentificationCode, Transaction Currency).

[0074] Likewise the secret key the Authentication Server also has andwhich obviously does not make the journey in the transaction flow shouldbe used.

[0075] Lastly, the algorithm that the transaction signature generatesshould be the same. (E.g. SHA-1)

[0076] For the decimalisation phase (14), the decimalisation of thetransaction signature is also calculated, in exactly the same way as itwas calculated in step (10), bearing in mind that this should be thesame two random positions, positions that are known only to the issuingbody or authority (3).

[0077] Lastly and in order to carry out phase (15) of the inverseprocess of the card number, the BIN of the altered card will besubstituted by the original one and the intermediary positions betweenthe BIN and the Check Digit will be the ones that will actually undergothe following inverse permutation process:

[0078] The decimalised value of the transaction signature is divided bythe number of positions to be altered T and to the remainder of saidquotient 1 is added, obtaining a value between 1 and T, which willdetermine the position of the number of the original payment card wewill put the first digit of the number of the altered payment card.

[0079] Next the quotient above is divided by (T−1) and to the remainder1 is added obtaining a value between 1 and T−1 that will determine theposition to be permuted of the remaining number of the original paymentcard (once the permuted position in the previous step has beeneliminated), whose value will be in the second position of the number ofthe permuted payment card.

[0080] This process continues until there are no more positions, i.e. itis carried out iteratively T times.

[0081] The payment card number obtained this way will be theintermediary digits of the original payment card.

[0082] The Check-Digit that occupies the last position of the alteredpayment card does not change at all and is transferred intact to thelast position of the original payment card number.

[0083] To obtain the expiry date of the original payment card thefollowing steps should be carried out:

[0084] The expiry date of the altered payment cards, as in the originalcards, has four positions, two for the month MM and two for the year YY.

[0085] To obtain the month of the original payment card 12 units areadded to the month of the altered card and then 2 units and theremainder of the number resulting from the transaction signature dividedby 12 are subtracted. This number is divided by 12 and the remainder isthe month of the original payment card. I.e.

Original MM=[Permuted MM+12−2−Decimalisation of the signature mod 12]mod 12

[0086] To obtain the year of the original payment card A is added to theyear of the altered card and then 2 units, the remainder of the numberresulting from the decimalisation of the transaction signature dividedby A and the last two positions of the current year are subtracted. I.e.

Original YY=[Permuted YY+A−2−Decimalisation of signature mod A−currentYY] mod A

PRACTICAL EXAMPLE OF INVENTION

[0087] Original card—494000 123456789 7

[0088] Original expiry date—May 3

[0089] Specific BIN—494055

[0090] Window of years for calculating expiry—15

[0091] Since the card has 9 intermediary positions, T=9

[0092] Random signature positions for decimalisation—4 and 9

[0093] Transaction order amount—5234

[0094] Transaction order number—123456

[0095] Business number—999008881

[0096] Transaction currency 978 (euros)

[0097] Issuer's secret key for calculatingsignature—qwertyasdf0123456789

[0098] Step 1: Obtaining the Transaction Signature

[0099] To calculate the transaction signature we apply the algorithmSHA-1 to the chain:

[0100] Order amount+Order number+Business identification+Currency+Secretkey. The result is the following hexadecimal:

[0101] 09 FD 78 D4 0B 0C 6A AA 45 5C 2D D8 16 85 CC 11 04 3B CD

[0102] Step 2: Decimalisation of the Transaction Signature

[0103] The three basic parts of the card number are the following:494000 123456789 7 BIN Intermediary Data CD (Check Digit)

[0104] Number of positions in the signature that must be taken: Since Tis equal to 9, P=9!=362880. Once you have P, to calculate the number ofpositions necessary we raise 256 to different whole numbers until wefind the greatest one that makes the result of raising 256 to it lessthan P. In this case we have 256**2=65536, which is less than P, so wecalculate 256**3, which gives us 16777216. As this is already greaterthan P, the greatest whole number that fulfils the condition statedabove is 2, meaning that N will be equal to 2.

[0105] The 2 random positions of SHA-1 are chosen: 4 and 9 (D4 and AA)

[0106] Multiplier Value: F=P/(256**N)=362880/(256**2)=5

[0107] Decimal value: We calculate the decimal value of D4AA, which arethe corresponding values to positions 4 and 9 in the transactionsignature.

[0108] Decimal value=(13*16**3+4*16*2+10*16+10)*5+1=54442*5+1=272211.

[0109] Step 3: Permutation of the Payment Card Number and Changing theExpiry Date.

[0110] 3.1.1. The original BIN, 494000, is substituted by the specificBIN, 494055

[0111] 3.1.2. Calculation of the permutation:

[0112] Step 1—We calculate the position on the original card we shouldplace in the first position on the altered card:

[0113] 272211/9=30245*9+6. Take the remainder 6+1=7

[0114] Intermediary data of the original card:

[0115] Step 2—We calculate the position on the original card from theones remaining we should place in the second position on the alteredcard:

[0116] 30245/8=3780*8+5. Take the remainder 5+1=6

[0117] Intermediary data of the original card:

[0118] Step 3—We calculate the position on the original card from theones remaining we should place in the third position on the alteredcard:

[0119] 3780/7=540*7+0. Take the remainder 0+1=1

[0120] Intermediary data of the original card:

[0121] Step 4—We calculate the position on the original card from theones remaining we should place in the fourth position on the alteredcard:

[0122] 540/6=90*6+0. Take the remainder 0+1=1

[0123] Step 5—We calculate the position on the original card from theones remaining we should place in the fifth position on the alteredcard:

[0124] 90/5=18*5+0. Take the remainder 0+1=1

[0125] Step 6—We calculate the position on the original card from theones remaining we should place in the sixth position on the alteredcard:

[0126] 18/4=4*4+2. Take the remainder 2+1=3

[0127] Step 7—We calculate the position on the original card from theones remaining we should place in the seventh position on the alteredcard:

[0128] 4/3=1*3+1. Take the remainder 1+1=2

[0129] Intermediary data of the original card:

[0130] Step 8—We calculate the position on the original card from theones remaining we should place in the eighth position on the alteredcard:

[0131] 1/2=0*3+1. Take the remainder 1+1=2

[0132] Intermediary data of the original card:

[0133] Step 9—We calculate the position on the original card from theones remaining we should place in the ninth position on the alteredcard:

[0134] Value 1 is taken

[0135] The intermediary positions of the altered card obtained are:

[0136] 761238594

[0137] 3.1.2. The Check Digit does not change.

[0138] The altered card obtained is the following:

[0139] 3.2.1. To calculate the month of the altered card: We use thedecimal value calculated before (272211):

[0140] We calculate modulus 12 of the decimal value:

[0141] 272211/12=22684*12+3. The remainder is 3.

[0142] To the remainder above we add 1 and the month of the originalcard:

[0143] 3+5+1=9.

[0144] We calculate modulus 12 of the result and add 1:

[0145] 9/12=0*12+9. The remainder is 9.

[0146] 9+1=10. The month of the altered card is 10.

[0147] 3.2.2. To calculate the year of the altered card: We use thedecimal value calculated before (272211):

[0148] Since A=15, we calculate modulus 15 of the decimal value:

[0149] 272211/15=18147*15+6. The remainder is 6

[0150] To the remainder we add 1 and the year of the original card:

[0151] 6+3+1=10.

[0152] We calculate modulus 15 of the result and add 1 and the last twopositions of the current year. In this case the current year is 2001, sothe last two positions are 01:

[0153] 10/15=0*15+10. The remainder is 10.

[0154] 10+1+01=12. The year of the altered card is 12.

[0155] Step 4. Sending the Altered Card in the Transaction's Data Flow.

[0156] In the transaction flow the following pieces of data, amongstothers, make the journey:

[0157] Altered card to be used in the transaction: 494055 7612348594 7

[0158] Altered card's expiry date to be used in the transaction: October12

[0159] Transaction order amount—5234

[0160] Transaction order number—123456

[0161] Identifying code of the business—999008881

[0162] Currency of the transaction—978 (euros)

[0163] Step 5. Obtaining the Transaction Signature

[0164] To obtain the transaction signature we repeat Step 1 using thedata that go in the transaction flow and the secret key that theProcessing Centre of the Issuing Body and the Authentication Server bothhave.

[0165] The transaction signature in SHA-1 calculated in this step mustbe the same as the one calculated in Step 1:

[0166] 09 FD 78 D4 0B 8A 0C 6A AA 45 5C 2D D8 16 85 CC 11 04 3B CD

[0167] Step 6. Decimalisation of the Transaction Signature.

[0168] Step 2 is repeated to obtain the decimal value: 272211

[0169] Step 7. Inverse Process.

[0170] 7.1.1. The specific BIN, 494055, is substituted by the originalBIN, 494000.

[0171] 7.1.2. Calculation of the permutation:

[0172] Step 1—We calculate the position on the original card where weshould place the value of the first position of the altered card:

[0173] 272211/9=30245*9+6. Take the remainder 6+1=7

[0174] Intermediary data of the original card:

[0175] Step 2—We calculate the position on the original card from theones remaining where we should place the value of the second position ofthe altered card:

[0176] 30245/8=3780*8+5. Take the remainder 5+1=6

[0177] Intermediary data of the original card:

[0178] Step 3—We calculate the position on the original card from theones remaining where we should place the value of the third position ofthe altered card:

[0179] 3780/7=540*7+0. Take the remainder 0+1=1

[0180] Intermediary data of the original card:

[0181] Step 4—We calculate the position on the original card from theones remaining where we should place the value of the fourth position ofthe altered card:

[0182] 540/6=90*6+0. Take the remainder 0+1=1

[0183] Intermediary data of the original card:

[0184] Step 5—We calculate the position on the original card from theones remaining where we should place the value of the fifth position ofthe altered card:

[0185] 90/5=18*5+0. Take the remainder 0+1=1

[0186] Intermediary data of the original card:

[0187] Step 6—We calculate the position on the original card from theones remaining where we should place the value of the sixth position ofthe altered card:

[0188] 18/4=4*4+2. Take the remainder 2+1=3

[0189] Step 7—We calculate the position on the original card from theones remaining where we should place the value of the seventh positionof the altered card:

[0190] 4/3=1*3+1. Take the remainder 1+1=2

[0191] Intermediary data of the original card:

[0192] Step 8—We calculate the position on the original card from theones remaining where we should place the value of the eighth position ofthe altered card:

[0193] 1/2=0*3+1. Take the remainder 1+1=2

[0194] Intermediary data of the original card:

[0195] Step 9—We calculate the position on the original card from theones remaining where we should place the value of the ninth position ofthe altered card:

[0196] Value 1

[0197] The intermediary data of the original card obtained are:

[0198] 123456789

[0199] 7.1.3. The Check Digit does not change.

[0200] The original card recovered is the following:

[0201] 7.2.1. To calculate the original month: We use the decimal valuecalculated before (272211):

[0202] We calculate modulus 12 of the decimal value:

[0203] 272211/12=22684*12+3. The remainder is 3.

[0204] We add 12 to the altered month and subtract 2 and the previousresult:

[0205] 10+12−2−3=17.

[0206] We calculate modulus 12:

[0207] 17/12=1*12+5. The remainder is 5.

[0208] The original month is 05.

[0209] 7.2.2. To calculate the original year: We use the decimal valuecalculated before (272211):

[0210] Since A=15, we calculate modulus 15 of the decimal value:

[0211] 272211/15=18147*15+6. The remainder is 6.

[0212] We add 15 to the year of the altered card and subtract 2, theprevious result and the last two positions of the current year:

[0213] 12+15−2−6−01=18.

[0214] We calculate modulus 15:

[0215] 18/15=1*15+3. The remainder is 3.

[0216] The original year is 03.

1. The reversible generation process of altered payment cards by meansof a mathematical algorithm, being of special use in Ecommercetransactions carried out over the Internet, and using cards furnishedwith a determined number, consisting of the BIN in the first positions,intermediary positions and a final digit called the “Check Digit” anddata corresponding to the expiry date, once the customer has decided onthe real payment card, is characterised by the following operativephases: The Authentication Server (5) of the issuer (3) generates thetransaction signature (9) with prior authentication by the paymentcardholder (1). The Authentication Server (5) of the issuer (3) carriesout the decimalisation (10) of the transaction signature (9) to obtain avalid permutation number according to the number of positions to bepermuted on the payment card number. The payment card's intermediarydigits are permuted (11) by the fixing of a BIN by the processor andmaintaining the Check Digit of the payment card and at the same time bychanging the payment card's expiry date, which is used as the alteredcard's expiry date. The altered card obtained in this way is sent in thedata flow (12) of the transaction of the means of payment to carry outthe corresponding authorisation request in the processing centre (6) ofthe issuing body (3) instead of with the original, through the acquiringserver (7). The processing centre (6) of the issuing body (3) generatesthe transaction signature (13) by the same process as the authenticationserver (5) in the first step. Likewise the decimalisation of thetransaction signature (14) is calculated in the same way as in thesecond step. Given that the process is reversible, the expiry date ofthe real card is obtained by carrying out the inverse process ofchanging the altered card's expiry date. In the same way, to put eachdigit of the altered payment card number back in the initial positionson the original card the inverse permutation process (15) of the processcarried out in the third step is carried out. Lastly, the processingcentre (6) of the issuing body continues the process, being careful togenerate the altered number each time it is necessary in the lifecycleof the transaction of means of payment, requests for copies, setbacks,etc.
 2. The process of reversible generation of altered payment cards bymeans of a mathematical algorithm, according to claim 1, ischaracterised by the fact that the altered card and its altered expirydate must appear to be the original card an expiry date.
 3. The processof reversible generation of altered payment cards by means of amathematical algorithm, according to claim 1, is characterised by thefact that the BIN of the altered card must be globally recognised andbelong to the habitual processing centre of the original payment card.4. The process of reversible generation of altered payment cards bymeans of a mathematical algorithm, according to claim 1, ischaracterised by the fact that the length of the altered card must beequal to the original.
 5. The process of reversible generation ofaltered payment cards by means of a mathematical algorithm, according toclaim 1, is characterised by the fact that the number of the alteredcard must be specific to each transaction.
 6. The process of reversiblegeneration of altered payment cards by means of a mathematicalalgorithm, according to claim 1, is characterised by the fact that thenumber of the altered card must be unpredictable.
 7. The process ofreversible generation of altered payment cards by means of amathematical algorithm, according to claim 1, is characterised by thefact that the system that overlooks the process must be sound enough todetect any fraudulent attempt at using it by third persons.
 8. Theprocess of reversible generation of altered payment cards by means of amathematical algorithm, according to claim 1, is characterised by thefact that the decimalisation (10) of the transaction signature (9) ismade up of the following operative phases: Depending on the number ofintermediary positions to be permuted, as many positions (N) of thesignature are taken so that N is the largest whole number that makes256*N (256 to the power of N) less than the number of permutations (P)of the number of intermediary positions (T), i.e. T!, A multiplierfactor F is determined, which is the whole part of the result of thedivision of the number of permutations (P) by 256*N, i.e. F=Whole Part[P/(256*N)] The decimalisation (10) of the transaction signature (9)used to determine the permutation necessary is the result, in base 10,of the N random positions of the signature (9) in base 16 (hexadecimal),multiplied by factor F and adding 1 to the result to prevent the valuefrom being 0, which would be the identity permutation and would notallow the permutation of any digit.
 9. The process of reversiblegeneration of altered payment cards by means of a mathematicalalgorithm, according to claim 8, is characterised by the fact that thedecimalisation of the N positions of the signature is never greater thanthe maximum number of permutations possible P for the number T ofintermediary positions.
 10. The process of reversible generation ofaltered payment cards by means of a mathematical algorithm, according toclaim 8, is characterised by the fact that the multiplier factor F onlydistributes the number resulting between the different possibilities ina uniform manner.
 11. The process of reversible generation of alteredpayment cards by means of a mathematical algorithm, according to claim8, is characterised by the fact that the decimal number obtained afterthe process of decimalisation is between 1 and P.
 12. The process ofreversible generation of altered payment cards by means of amathematical algorithm, according to claim 1, is characterised by thefact that the permutation (11) of the transaction signature (9) consistsof the following operative phases: The decimalised value (10) of thetransaction signature (9) is divided by the number of positions to bepermuted T and to the remainder of said quotient is added 1, obtaining avalue between 1 and T, which determines the position of the originalpayment card number, whose value is transferred to the first position onthe permuted payment card number. The quotient above is divided by (T−1)and then 1 is added obtaining a value between 1 and T−1 that determinesthe position to be permuted of the remaining number of the originalpayment card (once the permuted position of the previous step has beeneliminated), whose value is transferred to the second position on thenumber of the altered payment card. This process continues until thereare no more positions on the original payment card, i.e. iteratively Ttimes.
 13. The process of reversible generation of altered payment cardsby means of a mathematical algorithm, according to claim 1, ischaracterised by the fact that to obtain the month of the alteredpayment card the following operative phases must be carried out: Theresult of the decimalisation (10) of the signature (9) is divided by 12and then 1 and the month of the original card are added, This is dividedby 12 and 1 is added to the result, thus obtaining the month of thealtered payment card.
 14. The process of reversible generation ofaltered payment cards by means of a mathematical algorithm, according toclaim 1, is characterised by the fact that to obtain the year of thealtered payment card the following operative phases must be carried out:The result of the decimalisation (10) of the signature (9) is divided bythe year window A starting from the current year that can be obtainedfrom the process and then 1 and the year of the original card are added,This is divided again by A and 1 and the last two digits of the currentyear are added, thus obtaining the year of the altered payment card. 15.The process of reversible generation of altered payment cards by meansof a mathematical algorithm, according to claim 14, is characterised bythe fact that the year window A is
 15. 16. The process of reversiblegeneration of altered payment cards by means of a mathematicalalgorithm, according to claims 1 and 8, is characterised by the factthat the decimalisation (10) of the transaction signature (9) in theprocessing centre (6) of the issuing body (3) consists of the sameoperative phases as the decimalisation (10) of the transaction signature(9) in the authentication server (3) of the issuing body (3).
 17. Theprocess of reversible generation of altered payment cards by means of amathematical algorithm, according to claims 1 and 12, is characterisedby the fact that the permutation (15) of the transaction signature (9)in the processing centre (6) of the issuing body (3) consists of thesame operative phases as the permutation (11) of the transactionsignature (9) in the authentication server (3) of the issuing body (3).18. The process of reversible generation of altered payment cards bymeans of a mathematical algorithm, according to claims 1 and 13, ischaracterised by the fact that to obtain the month of the originalpayment card in the processing centre (6) of the issuing body (3) thesame operative phases are necessary as those necessary to obtain themonth of the altered payment card in the authentication server (5) ofthe issuing body (3).
 19. The process of reversible generation ofaltered payment cards by means of a mathematical algorithm, according toclaims 1 and 13, is characterised by the fact that to obtain the year ofthe original payment card in the processing centre (6) of the issuingbody (3) the same operative phases are necessary as those necessary toobtain the year of the altered payment card in the authentication server(5) of the issuing body (3).